Don Horrell
Home
Best Practice
Offline HTML5
Code Snippets
Links
Contact
Failure to restrict URL access.
Use J2EE roles to restrict access to URLs.
The default access should be no access.
Check the access on the server; fine-grained access rules can be configured in Spring, Struts etc.
Copyright Donald Horrell 2012, 2013. All rights reserved